security – Page 9

Bookmarks for 9 ago 2011 through 14 ago 2011

These are my links for 9 ago 2011 through 14 ago 2011:

OWASP Zed Attack Proxy Project – OWASP – The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. 
It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. 
ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.
500 Internal Server Error – 500 Internal Server Error
500 Internal Server Error – 500 Internal Server Error

Bookmarks for 13 lug 2011 through 18 lug 2011

These are my links for 13 lug 2011 through 18 lug 2011:

Perl Net::FTP – Before the wide spread availability of Perl, I would script ftp transfers with .netrc, ksh scripts and other clumsy ways. None of those methods are fun, flexible or easy. On the other hand, Perl's Net::FTP module is all of that. 
 
With Net::FTP, you have total control. You know when there are errors, timeouts, whatever. It's not at all difficult: anyone with basic scripting skills can understand and use this. 
 
I'm going to present two programs here. One is very simple; you can probably understand it even if you know no Perl at all. It just logs into my ftp site, gets a listing, and displays it. The other is a fairly complicated program that goes out to a list of hosts and gets files with a date equal to or newer than what you specify. Even with the extra complexity, you should be able to follow it, and perhaps modify it for your own needs.
500 Internal Server Error – 500 Internal Server Error
Top 10 Web Application Penetration Testing Tools (actually 11) « lo0.ro – [via http://www.bufferoverflow.it/ ]

Bookmarks for 12 lug 2011 through 13 lug 2011

These are my links for 12 lug 2011 through 13 lug 2011:

Top 10 Web Application Penetration Testing Tools (actually 11) « lo0.ro – [via http://www.bufferoverflow.it/ ]
How to Log In to Windows Without the Password – […] So I booted into Ubuntu, went to the Windows System 32 directory, renamed utilman.exe to utilman.old, copied cmd.com to utilman.exe and rebooted…[…] 
 
Pazzesco… 
 
[viahttp://www.bufferoverflow.it ]
500 Internal Server Error – 500 Internal Server Error

Bookmarks for 6 lug 2011 through 7 lug 2011

These are my links for 6 lug 2011 through 7 lug 2011:

Remote desktop credentials audit with Ncrack » Eclectic Security – The Remote Desktop Protocol is often underestimated as a possible way to break into a system during a penetration test… 
 
[via http://www.bufferoverflow.it ]
VPN gratis IP americano con VPNOD – Basta avere un indirizzo email valido per usare VPNOD, un servizio di VPN in beta che sta offendo account gratis ancora per poco tempo. Non è ancora possibile sapere quanto costerà il servizio una volta uscito dalla fase beta ma per ora si può usare senza restrizioni.
CSS Border Radius Generator – [via http://www.bufferoverflow.it]
Free Creative Commons LPI Level 1 Linux Training Manual Released | Linux Training – LPI Certified Training and Exams – Last year (2010), in August, I was engaged as one of the authors to write the recently released, "Linux System Administration, LPI Certification Level 1" manual. The training manual has been released under a creative commons license and is free for users to redsitribute and use.
Alfresco integration with Active Directory | Another Stranger Me – One of the main features of the Alfresco ECM System is the ability to integrate user authentication and synchronization with Microsoft Active Directory. 
 
Unfortunately, integration is not trivial and it is error prone. 
 
[eh…]

Bookmarks for 6 giu 2011 through 7 giu 2011

These are my links for 6 giu 2011 through 7 giu 2011:

Router/Bridge Firewall Linux – Zeroshell è una distribuzione Linux per server e dispositivi embedded il cui scopo è fornire i principali servizi di rete di cui una LAN necessita. È disponibile nel formato di Live CD o di immagine per Compact Flash ed è configurabile ed amministrabile tramite un browser web. Di seguito sono elencate le principali caratteristiche di questa distribuzione Linux utile a costruire Net Appliance:
Clint Boessen’s Blog: Allowing Domain Membership through a Cisco Firewall – When setting up windows networks a DMZ must be created. This DMZ cannot contain any PC's that are a member of your internal Active Directory domain for security reasons. For your SME companies best practice is to generally configure all machines in your DMZ in a workgroup setup. For your enterprise companies best practice is to create a separate active directory forest for your DMZ. This allows centralised management over your DMZ servers allowing administrators to control servers using things such as Group Policy and WSUS. 
 
However there are times where you need to allow PC's in your DMZ to access your internal Active Directory.
Peter’s Firewalling with PF manuscript – More than 96,000 served! — Next scheduled tutorial will be at UKUUG, Sep 22 2011: http://ukuug.org – The most up to date published versions of the Firewalling with PF manuscript in various formats
Dell System Information / Dell Warranty Extensions & Upgrades / Dell Warranty Status – View the system information for a particular service tag.
IBM Support Portal – Tivoli Storage Manager – Enter the information found on the back of the system to check your warranty status.

Bookmarks for 3 giu 2011 from 11:19 to 15:00

These are my links for 3 giu 2011 from 11:19 to 15:00:

500 Internal Server Error – 500 Internal Server Error
Operating Systems – NSA/CSS – NSA has developed and distributed configuration guidance for operating systems. These guides are currently being used throughout the government and by numerous entities as a security baseline for their systems. 
 
[via http://www.bufferoverflow.it/]
TechPain: Windows: Show or Delete files older than X days – Using forfiles to show and/or delete files older than X amount of days:
Tutto sugli ascensori | Il Post – Qual è il paese con più ascensori al mondo? A cosa serve il tasto di chiusura porte? Storia e notizie del mezzo di trasporto che usiamo di più
10 useful .htaccess snippets to have in your toolbox | CatsWhoCode.com – .htaccess, the file which control the Apache webserver, is very useful and allows you to do a lot of things. In this article, I have compiled 10 .htaccess snippets that any web developer should have in his toolbox 
 
[via http://www.bufferoverflow.it ]

Bookmarks for 16 mag 2011 through 17 mag 2011

These are my links for 16 mag 2011 through 17 mag 2011:

Simple Management for BIND | Download Simple Management for BIND software for free at SourceForge.net – Smbind is a PHP-based tool for managing DNS zones for BIND via the web. Supports per-user administration of zones, error checking, and a PEAR DB database backend. Demo and screenshots available.
SOSFTP | Download SOSFTP software for free at SourceForge.net – SOSFTP is a file transfer solution for FTP/ FTPS/ SFTP. It implements a configurable command line client for batch processing with error handling and logging capabilities and maintains a transfer history. 
 
(Open Source solution for Managed File Transfer)
mitmproxy – home – mitmproxy is an SSL-capable, intercepting HTTP proxy. It provides a console interface that allows traffic flows to be inspected and edited on the fly. 
 
mitmdump is the command-line version of mitmproxy, with the same functionality but without the frills. Think tcpdump for HTTP. 
 
Features 
 
Intercept and modify HTTP traffic on the fly 
Save HTTP conversations for later replay and analysis 
Replay both HTTP clients and servers 
Make scripted changes to HTTP traffic using Python 
SSL interception certs generated on the fly

Bookmarks for 10 mag 2011 through 12 mag 2011

These are my links for 10 mag 2011 through 12 mag 2011:

ostinato – Packet/Traffic Generator and Analyzer – Google Project Hosting – Ostinato is an open-source, cross-platform network packet crafter/traffic generator and analyzer with a friendly GUI. Craft and send packets of several streams with different protocols at different rates. For the full feature list see below. 
Ostinato aims to be "Wireshark in Reverse" and become complementary to Wireshark.
BashPitfalls – Greg’s Wiki – This page shows common errors that Bash programmers make.
Wiki structure for AIX documentation – Summary: This article provides a structure, configuration, and methodology for building and maintaining an automated wiki server for your AIX technical documentation. One of the most difficult tasks associated with system administration is maintaining a centralized documentation repository and enforcing standards for documentation in the repository. The wiki environment helps to create a standardized look-and-feel for your documentation repository and provides an easy to maintain environment for all contributors to the repository.

Bookmarks for 9 mag 2011 through 10 mag 2011

These are my links for 9 mag 2011 through 10 mag 2011:

Unix shell scripting with ksh/bash – The goals of this class are to enable you to: 
 
Learn what kinds of problems are suited to shell scripts 
Review the most commonly used Unix commands that are useful in shell scripts. 
Write simple shell scripts using the Bourne, Korn or Bash shells 
These notes are intended for use in a 2-part class, total duration 3 hours[…]
Cool, but obscure unix tools :: KKovacs – Just a list of 20 (now 24) little-known tools for the command line — I hope you find something useful that you weren't aware of yet! Use your operating system's package manager to install most of them. (Thanks for the tips, everybody!) 
 
[ via Bru Aggregator ]
Securing your Linux vsftp installations by locking down your server and chroot()’ing users – […]I’ve been using vsftpd for quite some time, and it has one of the best security track records of the various FTP server implementations. When I’m forced to use FTP, I always install vsftp and perform a number of actions to lock down my FTP server installation. […]

Bookmarks for 5 mag 2011 through 7 mag 2011

These are my links for 5 mag 2011 through 7 mag 2011:

500 Internal Server Error – 500 Internal Server Error
Security Event Descriptions – This article contains descriptions of various security-related and auditing- related events, and tips for interpreting them. 
 
These events will all appear in the Security event log and will be logged with a source of "Security."
Windows Server 2008 R2 and Windows Server 2008 technical documentation, downloads, and additional resources – Windows Server 2008 R2 and Windows Server 2008 are the most advanced Windows Server operating systems yet, designed to power the next generation of networks, applications, and Web services. With these operating systems you can develop, deliver, and manage rich user experiences and applications, provide a highly secure network infrastructure, and increase technological efficiency and value within your organization. 
 
 
(LOL)